Content Security for a Mobile Communication Terminal

ABSTRACT

A method for outputting sensitive data to a user includes a communication terminal checking to determine whether at least a portion of the sensitive data is to be outputted by determining whether the communication terminal is in one of a plurality of predefined communication configurations for outputting the sensitive data. If the communication terminal is found to be a first configuration, the communication terminal transmits the sensitive data so that at least one of the video data and the audio data is output to the user via at least one peripheral device connected to the communication terminal. If the communication terminal is in a second configuration, the communication terminal performs at least one security action to help further protect the sensitive data.

FIELD OF THE INVENTION

The present invention relates to communication systems and, moreparticularly, to a communication system, a communication device andapplication for such a device that permits security precautions to beimplemented in addition to the exchange of security keys forauthorization purposes and use of encryption. Examples of communicationdevices may include computers, cellular phones, tablets, laptops,personal digital assistants, or other mobile terminal devices thatutilize one or more processors that run programs stored on memoryconnected to the one or more processors to permit communication servicesto be provided to a user.

BACKGROUND OF THE INVENTION

A secured video call from one person using one communication device toanother person using a different communication device may utilizeencryption and the exchange of security keys for authenticating thedevices and users of those devices. Such security measures are typicallytaken to protect the data exchanged between the devices over acommunication path along which data packets or other data is sent duringan established communication. Such security features, however, stillrely on a user to be aware of those near the user.

A user must therefore take steps to ensure that others near that usercannot see confidential or privileged data communicated via a videotransmitted during the communication session or hear any audio that maybe emitted from that person's device. Such issues can occur when a useris participating in such a communication in a public place, such as arestaurant, bus, subway station or sporting event where otherunauthorized people may be able to hear or see content that is supposedto remain confidential. If a user fails to appreciate the fact thatpotential eyedroppers or eavesdroppers are nearby and engages in acommunication in such a public place, then sensitive, proprietary orconfidential data communicated during a communication session may beimproperly disclosed or exposed to others even though the transmitteddata was encrypted and sent to an authorized device and authorized user.

A new mechanism is needed to improve the security provided duringcommunication sessions. Preferably such a security mechanism is capableof improving a user's use of a communication device for a confidentialor privileged communication session to help ensure the confidentialityof data transmitted during that communication session is not exposed tothird parties that are not authorized to learn of such information.

SUMMARY OF THE INVENTION

A method is provided for a communication terminal to output sensitivedata that includes at least one video data and audio data. The methodincluding the steps of the communication terminal receiving at least oneof (i) an indicator that sensitive data is to be communicated to thecommunication terminal in a communication session that is to beestablished with a communication device and (ii) the sensitive data viathe communication session. The communication terminal checks todetermine whether at least a portion of the sensitive data is to beoutputted by determining whether the communication terminal is in one ofa plurality of predefined communication configurations for outputting atleast one of audio and video based on or defined by the sensitive data.The predefined communication configurations may include a firstconfiguration and a second configuration. The first communicationconfiguration for ouputing data may include an arrangement wherein thesensitive data is outputable via at least one peripheral deviceconnected to the communication terminal for ouptting at least one ofaudio and video defined by or based on the sensitive data to only a userof the communication terminal. The second configuration may be anarrangement where the at least one of the audio and video based on ordefined by the sensitive data is outputted by the communication terminalsuch that at least one of the audio and the video is at least one ofviewable and audible to a non-user near the communication terminal. Ifthe communication terminal is in the first configuration, thecommunication terminal transmits the sensitive data so that at least oneof the video and the audio is output to the user via the at least oneperipheral device. If the communication terminal is in the secondconfiguration, the communication terminal performs at least one securityaction. The at least one security action includes at least one of (a)transmitting a warning to the user that indicates that the communicationterminal is configured to output the sensitive data so that a non-usercould hear or view at least one of the audio and the video and (b)withholds at least a portion of the sensitive data so that the at leastone of the video and the audio is not output to the user via thecommunication terminal.

It should be appreciated that a non-user may be near a communicationterminal by being a certain distance from the communication terminal,such as between 0 and 5 meters away from the communication terminal suchthat a non-user may see a display of the communication terminal or hearsound emitted by the communication terminal. A non-user may also be neara communication terminal if that person can see a display of thecommunication terminal while the user of the communication terminal isusing the communication terminal. A non-user may also be considered neara communication terminal if that non-user can hear sound emitted by aspeaker of the communication terminal.

The sensitive data may be encrypted data. The encrypted data may includejust video data, just audio data, or both audio data and video data. Thesensitive data may alternatively not be encrypted but may be dataidentified as being sensitive data.

The communication terminal may be a mobile communication terminal suchas a laptop, cordless telephone, cellular telephone, personal digitalassistant, tablet, or a mobile computer device. The at least oneperipheral device may include just one peripheral device or may includemultiple peripheral devices. For instance, the peripheral device mayonly be spectacles for viewing video in a personal way or may includeboth spectacles and earphones. In some embodiments spectacles or otherheadgear may include both earphones and a display for permitting asecure personal display of images to only the user.

In some embodiments of the method, the sensitive data may include bothvideo data and audio data. The predefined communication configurationsmay also include a third configuration. In the third configuration, onlyvideo may be displayable via the at least one peripheral device andaudio is not outputable via one of the at least one peripheral deviceand the first configuration is defined as being both the video and theaudio are outputable via the at least one peripheral device. If thecommunication terminal determines that the communication terminal is inthe third configuration, the communication terminal transmits the videodata so that the video is output to the user via the at least oneperipheral device. The communication terminal also performs at least onesecurity action that may include transmitting a warning, withholding theaudio data so that the audio is not output to the user via thecommunication terminal or performing both the transmitting the warningand the withholding the audio data.

In yet another embodiment of the method, the third configuration mayalternatively be defined as being a configuration wherein audio isoutputable via the at least one peripheral device and the video is notoutputable via the at least one peripheral device. If the communicationterminal determines that it is in the third configuration, it maytransmit the audio data so that the at least one peripheral device canemit the audio. The communication terminal may also transmit a warning,withhold the video data, or do both such functions to inform a user thatthe communication terminal is not configured to output the video so thata non-user could not view the video.

In some embodiments of the method the communication terminal may performthe checking for determining whether at least a portion of the sensitivedata is to be output prior to the communication session beingestablished. The communication terminal may withhold the sensitive dataso that the sensitive data is not output to the user via thecommunication terminal by refusing to establish the communicationsession if it is determined to be in the second configuration when thechecking is performed.

In some embodiments of the method, the video data may include at leastone frame of prerecorded pictorial data and the method may also includethe step of displaying a scrambled video based on the video data and apredefined default video when the at least one peripheral device isconnected to the communication terminal and displays the video data. Thescrambled video may be scramble by use of static noise, noise in theform of other video data from other pictorial data or prerecorded data,the reordering of video data so that the video data is not played in aproper sequential order or the addition of other data to the video datato scramble the video data.

In some embodiments of the method, the communication terminal may detectat least one peripheral device being connected to the communicationterminal after emitting the warning to its user. That warning may informthe user that at least one peripheral device is needed to be coupled tothe communication terminal for at least a portion of the sensitive datato be emitted to the user via the communication terminal. Thecommunication terminal may output or transmit the sensitive data to theone or more peripheral devices when it is detected as being coupled tothe communication terminal.

The method may also include additional steps in yet other embodiments ofthe method. For instance, the method may include the step of acommunication terminal sending a response message to the communicationdevice seeking toe establish a communication session. The responsemessage may include an indicator that identifies whether the audio,video, or both the audio and video were emitted securely via peripheraldevices or whether one of or both of the audio and video were emittedwithout such precautions being taken. For instance, the indicator of theresponse message may identify whether the communication terminal was ina configuration that permitted outputting of the audio or video securelyvia a personal output of the video or audio when the audio or video wasoutput.

In yet other embodiments of the method, the communication terminal maysend a response message that identifies whether the at least one of theaudio and video are to be outputted via the at least one peripheraldevice or not. If the indicator identifies that either the audio orvideo or both is to be outputted by the communication terminal but willnot be outputted via the at least one peripheral device, thecommunication device may send a request message to the communicationterminal requesting that the audio, video or both defined by thesensitive data not be outputted. In response to receipt of such arequest message, the communication terminal may act to block suchnon-secure output of the audio or video. The communication terminal mayblock such unsecure output until at least one peripheral device neededfor secure and personal emission of the video or audio iscommunicatively coupled to the communication terminal.

A communication terminal is also provided. The communication terminalmay be configured to perform any of the embodiments of the method. Forinstance, the communication terminal may include memory, a processor, areceiver unit and at least one interface for connecting to at least oneperipheral device for implementing the method. The receiver unit may bepart of a transceiver unit in some embodiments of the communicationterminal. The communication terminal may also include a speaker ordisplay unit.

A non-transitory computer readable medium having code stored thereonthat defines a method that is implemented when the code is executed isalso provided. The non-transitory memory may be a computer program suchas an application that is stored on memory of a server and is availablefor download for example. The non-transitory memory may alternatively becode stored on a hard drive of a computer device or on a compact disc,flash memory or other computer readable medium product. The code maydefine a method when executed by a processor of a computer device suchas a communication terminal. For instance, the method defined by thecode may include any of the above referenced methods that are alsofurther discussed below.

Other details, objects, and advantages of the invention will becomeapparent as the following description of certain present preferredembodiments thereof and certain present preferred methods of practicingthe same proceeds.

BRIEF DESCRIPTION OF THE DRAWINGS

Present preferred devices, systems, and apparatuses for providing securecommunications between multiple communication devices are shown in theaccompanying drawings and certain present preferred methods ofpracticing the same are also illustrated therein. It should beunderstood that like reference numbers used in the drawings may identifylike components.

FIG. 1 is a block diagram of a communication system utilizing anembodiment of the communication terminal that receives encrypted datathat includes audio data.

FIG. 2 is a block diagram of a communication system utilizing anembodiment of the communication terminal that receives encrypted datathat includes video data.

FIG. 3 is a block diagram of a communication system utilizing anembodiment of the communication terminal that receives encrypted datathat includes video data.

FIG. 4 is a block diagram of a communication system utilizing anembodiment of the communication terminal that receives encrypted datathat includes video data.

FIG. 5 is a block diagram of an exemplary embodiment of thecommunication terminal.

FIG. 6 is a flow chart illustrating one embodiment of a method of usingthe communication terminal to output encrypted data or other dataidentified as containing sensitive information.

DETAILED DESCRIPTION OF PRESENT PREFERRED EMBODIMENTS

Embodiments of a communication system utilizing embodiments of acommunication terminal 1 may be appreciated from FIGS. 1-6. A telephone2 or other communication device may send a data stream to thecommunication terminal 1 via a network connection that extends throughat least one network 4. The communication between the telephone 2 andthe communication terminal 1 may pass through one or more gateways orother network nodes. One example of such a gateway or node is a switch3. One such switch could be a private branch exchange (PBX), a router,or a communication server that manages communications for the telephone2 within the network 4.

The telephone 2 may be a mobile phone, a cellular phone, a videophone,or a PC telephone. The telephone 2 may also be a computer that has amicrophone and speaker peripherals attached thereto to enable the userof the computer to place video or audio communications with other usersof other communication devices via the computer. The communicationterminal 1 may be a phone such as a mobile phone, a cellular phone, orother type of a mobile communication device such as a personal digitalassistant, tablet, or laptop computer.

The telephone 2 or other communication endpoint or communication devicemay send signaling through a channel of a communication path to thecommunication terminal to establish a communication. That signaling mayinclude, for example, an INVITE message sent to the communicationterminal 1 to initiate a communication connection such as a phone callor video phone call. The signaling or establishment of the communicationconnection may also include an exchange of authorization keys by thetelephone 2 and communication terminal 1 to ensure the devices areauthorized to verify each device was authenticated. Such an exchange mayalso utilize an authentication server such as an AAA server or mayutilize another type of authorization process.

After the communication connection is established, data such as voicedata, audio data, or both voice and audio data may be sent over thecommunication path in a data stream. The sent data may be encrypted orinclude an identifier that is associated with the data to identify thedata as containing sensitive information, such as confidentialinformation, commercially sensitive information, medical record relatedinformation or other data that should not be disclosed to third partiesor should only be disclosed to authorized persons.

The communication terminal 1 may be configured to determine whether thedata to be sent via the communication connection is sensitive data. Sucha determination may be made after the communication connection isestablished between the telephone 2 and communication terminal 1 or maybe made prior to the establishment of such a connection. For example,the signaling used to establish the communication connection may includean indicator that identifies the fact that data to be communicatedduring the communication connection includes sensitive data. Such anindicator may be associated with all the data to be communicated via thecommunication connection that is sought to be established.Alternatively, the communication terminal 1 may assess data providedafter the communication connection is established to assess whether thereceived data contains sensitive data.

If it is determined that sensitive data is to be communicated over thecommunication connection or is sought to be sent over a communicationconnection that the telephone 2 desired to establish with thecommunication terminal 1, the communication terminal 1 may be configuredto determine whether it is in a configuration that would permit receiptof such data or not. If it is not in a configuration that would permitreceipt of such data, the communication terminal may communicate awarning to the user of the communication terminal. The warning may helpthe user remember that others near the user or the communicationterminal may be able to hear or see video or audio that containssensitive information and that such an occurrence is undesired orcontrary to a policy of the user's employer.

For instance, the communication terminal may determine whether it iscurrently communicatively coupled to one or more peripheral devices thatwould permit sensitive data to be displayed, audibly emitted, orotherwise output to a user in a personal way so that only that usercould hear, see or otherwise receive the sensitive data. If thecommunication terminal determines it is not so configured to providesuch a personal output or transmission of sensitive data to its user, itmay be configured to automatically refuse the connection request or mayissue a warning to its user that either requires the user to connect atleast one peripheral device that permits personal outputting of audio orvideo to the communication terminal 1 or override the warning byacknowledging the warning and requesting receipt of the data withoutsuch peripheral devices being connected. Such a feature may preventothers near enough to the communication terminal to hear audio outputfrom a speaker of the communication terminal or see a video that may beshown on the display of the communication terminal.

It should be understood that an acknowledgment of a warning may beprovided in a number of ways by a user. For example, the user may pressor otherwise actuate an “OK” button as shown on the display unit 12 inFIG. 1 or by otherwise providing input to the communication terminalthat acknowledges the warning. Other examples of providing input may bepressing a button of the communication terminal 1 to provide such inputor speaking a command to the communication terminal so that a microphoneof the communication terminal 1 configured to receive spoken commandsreceives the spoken input.

The communication terminal 1 may output a warning to a user to ensurethe user of the communication terminal knows that sensitive informationis being transmitted and that such information should not be received byany non-users such as nearby people who are not the user that may hearsound emitted from a speaker 14 of the communication terminal or peoplewho may see images illustrated by the display unit 12 of thecommunication terminal. For instance, if the communication terminal 1determines that a loud speaker or speaker phone speaker feature of thecommunication terminal is active and would emit audio based on audiodata identified as having sensitive information, the communicationterminal may display warning 12 a to inform the user that the loudspeaker mode is active. The communication terminal 1 may be configuredso that no sensitive audio data is emitted when the communicationterminal has the loud speaker or speaker phone speaker activated, or maybe configured to require a user to acknowledge the warning by providinginput to the communication terminal to acknowledge the emitted warningprior to emitting such sensitive audio data, or may be configured toprovide a warning to a user and also not permit sensitive data to beoutput by the communication terminal while it is in a configuration thatdoes not permit the sensitive data to be output in only a personal wayto only the user of the communication terminal 1.

In some communication connections, audio and video data may betransmitted by a telephone or other communication endpoint to thecommunication terminal that are classified as being sensitive data. Thecommunication terminal may only be communicatively coupled to aperipheral device that only permits audio or only permits video to beoutput in a personal way to only the user of the communication terminal.For instance, the user may wear spectacles on which video is displayedbut not have earphones or may have earphones connected to thecommunication terminal but not have display spectacles or another typeof personal visual display peripheral device connected to thecommunication terminal. When the communication terminal 1 detects such aconfiguration, the sensitive data that may be output in a personalfashion via the connected peripheral device may be output. Sensitivedata that is not able to be output in a personal way may not be output.As another alternative, sensitive data may only be output by thecommunication terminal after the issuance of a warning to the user ofthe communication terminal is communicated that requires action by theuser via input provided to the communication terminal for thecommunication terminal to output sensitive data to the user.

For example, if the communication terminal 1 is connected to earphonesand receives both video data and audio data that is encrypted and, as aresult, determined to contain sensitive data, the communication terminalmay send the audio data to the earphones so that the earphones emitaudio to the user's ears based on the audio data. But, the communicationterminal may not display the video defined by the video data. Instead,the communication terminal may only issue a warning informing the userof the communication terminal that a necessary peripheral device is notattached. If the user provides input to override the warning, thecommunication terminal may then display a video defined or based on thereceived sensitive video data via a display unit of the communicationterminal. If desired, the data could alternatively be tagged by thecommunication terminal so that any effort to override the warningresults in the data not being transmitted unless a required peripheraldevice needed for personal outputting of the data is communicativelycoupled to the communication terminal for outputting of that sensitivedata to the user.

As another example, the communication terminal 1 may be connected tospectacles that may only display video based on received video data butnot also emit audio data. The communication terminal connected to thespectacles may then receive encrypted data that includes audio data andvideo data. The communication terminal may determine that the receiveddata is sensitive data and send the video data to the spectacles so thatvideo may be displayed to the user that is based upon or defined by thesensitive video data. The communication terminal may not emit any audiobased on or defined by the sensitive audio data. Instead, thecommunication terminal may issue a warning to inform the user that theaudio data is sensitive and either cannot be emitted or should not beemitted. In some embodiments, the communication terminal may beconfigured so that the communication terminal 1 emits audio based on ordefined by the sensitive audio data after receipt of input from the userthat acknowledges the warning or provides input that overrides theissued warning. Alternatively, the communication terminal 1 may beconfigured so that the sensitive audio data is only outputable ifearphones or another type of peripheral device that permits a personalemission of the audio to the user is communicatively coupled to thecommunication terminal.

It should be appreciated that the communication terminal 1 may beconfigured to determine whether data contains sensitive information atdifferent times. For instance, some embodiments of the communicationterminal may be configured to determine whether sensitive information issought to be transmitted to the communication terminal prior to theestablishment of a communication connection. For example, an INVITEmessage used to initiate the formation of such a communicationconnection may include an indicator that indicates that data to betransmitted via the connection that is sought with the communicationterminal 1 includes sensitive information. Other embodiments may beconfigured to assess whether data that is received through a formedcommunication connection contains sensitive information. Sensitiveinformation may be detected in a number of ways. For example, whetherdata is considered to include sensitive data may be based on a receiptor detection of an indicator associated with the received data. Datacould also be considered sensitive data if the data received by thecommunication terminal is encrypted.

It should be understood that sensitive data need not be identified dueto the fact it is encrypted. Indeed in some embodiments of our systemand method, sensitive data may not be encrypted. For example, in somesituations, a communication connection may already be secure via use ofa private network or corporate network. In other situations, it ispossible the data may be sent unencrypted though it is not communicatedvia a relatively secure communication connection.

In yet other embodiments, data received by the communication terminalmay be considered sensitive due to a setting of the communicationterminal that configures the communication terminal to identify anyreceived data as being sensitive data. A user may provide input to thecommunication terminal to activate such a setting when the user onlywishes to securely hear or see video or audio due to his surroundingsregardless of whether such data may be otherwise identified as sensitiveby the sender of that data. If such a setting is actuated, then anyreceived data may be associated with the user activated parameter and beconsidered sensitive data.

The communication terminal 1 may also be configured to send a returnsignal or return message to the telephone 2 or other communicationdevice to which the communication terminal 1 may have a communicationconnection formed or be in the processing of establishing such aconnection for a possible communication session. The return message orreturn signal may inform the telephone 2 or other communication deviceabout whether the communication terminal 1 accepted the sensitive dataor the sought communication connection that would include such sensitivedata. In the event the sensitive data was received by the communicationterminal, the return signal or return message may also provideinformation to the telephone 2 or other communication device to identifywhether the communication terminal presented the sensitive data securelyor whether the sensitive data was output as audio or video in anunsecured fashion. For example, such information may be signaled to thetelephone or other communication device similar to an INFO message,NOTIFY message, acknowledge message (e.g. “ACK message”) or otherresponse message that includes a parameter or other indicator thatindicates whether the sensitive data was output securely or non-securelyby the communication terminal.

Referring to FIG. 2, the communication terminal may also be configuredto detect sensitive video data provided by the telephone 2 or othercommunication endpoint sending data to the communication terminal 1.Such a data stream may also include sensitive audio data. Upon adetection of such sensitive video data, the communication terminal 1 maydisplay a warning 12 b to the user of the communication terminal via thedisplay unit 12 as shown in FIG. 2. Such a warning may be presented inconjunction with the display device not showing such video data.Alternatively, the communication terminal 1 may be configured to displaysuch sensitive video only after a user acknowledges the warning byproviding input via an input device of the communication terminal thatacknowledges receipt and understanding of the warning 12 b and requeststhe video still be displayed. Such input may be provided by touching thedisplay if the display unit is configured as a touch screen display.Alternatively, the input may be provided by a user pressing a button orspeaking a command that is received by a microphone or otherwiseproviding input via an input device of the communication terminal 1.

In the event a user chooses to provide input to override the warning andhave the audio or video containing sensitive data emitted via a speakeror display of the communication terminal 1 without the use of aperipheral device that would permit such audio or video to be displayedto only the user in a secure fashion, the communication terminal 1 maysend a response message to the telephone 2 that includes a parameter orother type of indicator that identifies the fact that the sensitive datawas output when the communication terminal was in a configuration thatdid not permit a secure output of the sensitive data. Such a responsemessage may be sent before the audio or video containing the sensitivedata is output to the user via the communication terminal 1. In someembodiments, the telephone 2 may be configured to send a request messageto the communication terminal 1 that causes the communication terminal 1to block the unsecure output of such sensitive video or audio uponreceipt of such a request message. The blocking of the output of suchaudio or video may occur automatically in response to the receipt ofsuch a request message or may occur only after an advisory is displayedvia the display unit of the communication terminal that informs the userthat the sensitive data has been blocked for output to the user untilthe communication terminal is placed into a proper configuration viaconnection of one or more peripheral devices. In other embodiments, thetelephone 2 may merely be configured to provide a record to the user ofthe telephone 2 that identifies the fact that the sensitive video oraudio was not output securely by the communication terminal 1.

Referring to FIG. 3, the communication terminal 1 may also be configuredto detect the presence of one or more peripheral devices that permit auser of the communication terminal 1 to receive sensitive data in apersonal way such that only the user may hear sensitive audio data orsee sensitive video data. For instance, a user may wear spectacles 21that may be communicatively connected to the communication terminal viaa peripheral device interface 19 so that sensitive video data may beshown to the user wearing the spectacles so that only the user's eyessee the video output based on the received sensitive video data. Asanother example, the spectacles 21 may include earphones for positioningin the user's ears for hearing audio emitted based upon the receivedsensitive audio data. Instead of spectacles, the user may wear a hat orhelmet that includes a visor or display that hangs adjacent the user'seyes when the helmet or hat is worn that displays video received from acommunication terminal to which it is communicatively connected via awireless or wired connection to a peripheral device interface of thecommunication terminal. The display provided by the visor or otherdisplay may be configured to provide a personal display of video orimages so that only the user wearing the hat or helmet may see theimages displayed by the device. The hat or helmet can also includeearphones to be positioned adjacent a user's ears so that audio may beemitted by the worn device. As another alternative, a separate set ofearphones may also be communicatively coupled to the communicationterminal 1 via a peripheral device interface 19 so that audio based onthe received sensitive audio data is only emitted within the user'sears.

The communication terminal 1 may be configured so that it detects aconnection of such peripheral devices to the communication terminal andas a result determines it is in a configuration for outputting sensitivedata to a user in a personal way so that only that user may hear or seesuch sensitive data. If such a connection is detected, then no warningmay be displayed to a user. Instead, an advisory 12 c may be displayedto let the user know that the sensitive video or audio is being outputvia the communicatively coupled or otherwise connected peripheraldevices (e.g. the spectacles, earphones, or both the spectacles andearphones).

As may be appreciated from FIG. 4, yet another alternative may utilizethe use of scrambled video instead of displaying an advisory 12 c. Forsuch an alternative, the communication terminal may display a scrambledvideo along with noise 12 d while the video emitted based upon thereceived sensitive video data is displayed on a peripheral device suchas spectacles or a helmet with a display visor based upon the receivedsensitive video data. While being shown via the peripheral device, thevideo may also be shown on the display unit of the communicationterminal in such a way that it is not understandable. For instance, thevideo shown via the display unit 12 of the communication terminal may bescrambled and include added noise or may be otherwise modified so thatthe content of the video is not understandable as shown on the displayof the communication terminal 1. For example, the communication terminalmay emit the scrambled video and not permit the user to actually see anunderstandable version of a video defined by the received sensitivevideo data or will include noise to distract a nearby eyedropper evenmore effectively than just added static noise. Examples of added noisemay be a plurality of prerecorded graphical frames and audio such as aprerecorded music video or other video that may be played to obscure thereal communication video stream. Of course, other video, audio, orcombination of video and audio may also be used to obscure the realcommunication video stream, or just static noise may be added to thetransmitted video data or there may be a combination of both staticnoise along with video, audio or both video and audio to obscure thereal communication video stream.

If the communication terminal does not detect a connection with aperipheral device needed for a secure and personal output of sensitivevideo based upon or defined by sensitive data, the communicationterminal 1 may determine it is not in a configuration that permits apersonal output of video based upon the sensitive video data needed fora user to receive such sensitive data in a personal way so that onlythat user sees the video. The communication terminal 1 may be configuredto automatically reject receipt of sensitive data if it determines thatit is not in a configuration needed for providing sensitive data to auser in a personal way via outputting of data to one or more peripheraldevices connected to the communication terminal. For example, thecommunication terminal 1 may be configured by its user to automaticallyblock receipt of sensitive data if the communication terminal 1 is notin a necessary configuration for secure or personal output of thesensitive data as the user of the communication terminal 1 may desirethat he or she never be in a position to share such content with nearbypersons. The prevention of the receipt of such data may occur prior tothe formation of a communication connection or may occur after such aconnection is formed with another communication device. Alternatively,the communication terminal may be configured to identify receipt of suchdata and provide a warning to a user in response to determining that thecommunication terminal 1 is not in a configuration needed for a personaloutput of audio or video defined by the received sensitive data.

In some embodiments, even if the warning is overridden by a user, thecommunication terminal 1 may be configured to only emit the video thatincludes added noise. For example, the communication terminal may send aresponse message to the telephone in response to obtaining input from auser requesting the warning to be overridden. That response message mayinclude an indicator identifying the fact that the user wishes to havethe sensitive video output without a needed peripheral device or withoutthe communication terminal 1 being in a secure configuration for such anoutput. The telephone may send a request message in response to theresponse message received from the communication terminal 1 thatinstructs the communication terminal 1 to block display of the sensitivevideo or to only permit the sensitive video to be displayed with addednoise unless or until a peripheral device is coupled to thecommunication terminal that permits a personal output of the sensitivevideo.

In yet other embodiments, the communication terminal 1 may be configuredso that received content is considered as sensitive because thecommunication terminal has a parameter set that identifies the fact thatthe user of the communication terminal wants to consider it sensitive(e.g. due to his specific surrounding) and desires to only watch or hearsuch received data securely. In such a case, the communication terminalmay be configured to identify any received data from the telephone asbeing sensitive data regardless of whether the telephone 2 provided thedata with an indicator indicating that the data was sensitive data. Thereceipt of any such data is indicated as sensitive based upon aparameter set by a user of the communication terminal that informs thecommunication terminal 1 to interpret all received data as beingsensitive data. In the event the communication terminal interprets datathat is only identified as being sensitive due to the setting of such areceived data parameter, the communication terminal 1 may not send anysignal or message to the telephone 2 or other communication device toinform that device of how the received data was output by thecommunication terminal 1.

Referring to FIG. 5, an embodiment of the communication terminal 1 mayinclude a processor unit 11 that is connected to memory 15, such as atleast one non-transitory memory. The processor unit 11 may be amicroprocessor, a central processor unit, or other hardware elementconfigured to process or run applications 17 or programs stored in thememory 15. The processor unit 11 may be connected to a transceiver unit13, which may include at least one transmission device and at least onereceiver device for sending and receiving data from other communicationdevices. The transceiver unit 13 may be configured to permit the receiptand transmission of data via at least one of a wireless connection and awired connection.

The processor unit 11 may also be connected to a microphone 16, displayunit 12, speaker 14 and peripheral device interface 19. The processormay communicate with the display unit 12 to cause graphics to bedisplayed on a screen or display of the communication terminal 1. Theprocessor 11 may communicate with the speaker 14 so that audio isemitted from the speaker. The microphone 16 may receive audio input andcommunicate that input to the processor either directly or via storageof such input in the memory 15. The processor 11 may be connected to theperipheral device interface 19 so that data may be sent to at least oneperipheral device so that the peripheral device may utilize or outputvideo or audio that is based on or defined by the sensitive datareceived by the communication terminal. Examples of a peripheral devicemay include earphones 23, spectacles 21 configured to display video orgraphical data or spectacles 21 that include earphones so that bothaudio and visual data may be communicated directly and personally to auser of the communication terminal.

The peripheral device interface 19 may include multiple jacks forforming wired connections to different peripheral device, and may also,or alternatively, include a wireless connection mechanism for wirelesslyconnecting to such devices. The peripheral device interface 19 may beconfigured to utilize Bluetooth or other wireless connection mechanisms,for example, for connecting to one or more peripheral devices. Theprocessor 11 may be configured to detect when a peripheral device isconnected to the communication terminal 1 via the peripheral deviceinterface 19 for use in determining whether sensitive data should besent to the peripheral device for outputting to a user.

It should be understood that the video data or audio data sent toperipheral device communicatively coupled to the communication terminal1 via a wireless connection or other connection may be encrypted so thatthe peripheral device must decrypt the received data prior to displayingor outputting the video or audio defined by the received sensitive data.For instance, if a peripheral device is communicatively coupled via aBluetooth wireless connection or other wireless connection to thecommunication terminal 1, the transmission of sensitive data to theperipheral device may include encrypting of that transmitted data by thecommunication terminal prior to the forwarding of that data to theperipheral device. The peripheral device then may need to decrypt theencrypted data prior to outputting the audio or video based on theencrypted data transmitted by the communication terminal.

It should be understood that sensitive information may be identified assensitive because it is encrypted or because it includes some otheridentifier indicating that the data is not to be distributed tounauthorized persons. For instance, the data could include or beassociated with a confidentiality identifier to identify the fact thatthe data is sensitive data that is not to be distributed to unauthorizedpersons or an identifier indicating that the data is not to becommunicated to unauthorized devices, or an identifier indicating thatthe data is classified. Sensitive information may include commerciallyimportant data, trade secrets, or data that users engaged in thecommunication session do not want their competitors to know about orothers within their organization to know about. Other examples ofsensitive information may include data related to a patient medicalhistory, personal identification numbers (e.g. social security number,personal identification number assigned by an entity, etc.), profiles ofcustomers or vendors, bank account information for a company, customer,vendor, contractor or employee, or customer credit card information. Yetanother example of sensitive information may be images, audio, or otherdata describing a commercial accident, a manufacturing problem, aproduct design, or personal data a user may not want to share with thirdparties or people near the user of the communication terminal 1.

It should be appreciated that many different types of variations to theabove discussed embodiments of the communication terminal, communicationsystem, and method of making and using the same may be made. Forinstance, the sensitive information may not be encrypted in someembodiments, but may instead merely use an identifier located in aportion of the data or sent in such a way as to be associated withtransmitted data to identify the fact that the data is sensitive data.As another example, the spectacles, hat or helmet peripheral devices mayalternatively be replaced with another type of output device sized andconfigured to be positioned over a user's eyes to display graphical ortextual data to at least one of that user's eyes and may also include atleast one earphone for communicating audio data to at least one of theears of the user. As yet another example, the communication terminal maybe a laptop, tablet, or other type of mobile computer device that isable to communicate with other devices via at least one networkconnection, such as an internet connection, enterprise networkconnection, or cellular network connection.

While certain present preferred embodiments of the communicationterminal, communication system, and methods of making and using the samehave been shown and described above, it is to be distinctly understoodthat the invention is not limited thereto but may be otherwise variouslyembodied and practiced within the scope of the following claims.

1. A method of a communication terminal outputting sensitive datacomprising at least one of video data and audio data, the methodcomprising: the communication terminal receiving at least one of (i) anindicator that sensitive data is to be communicated to the communicationterminal in a communication session that is to be established with acommunication device and (ii) the sensitive data via the communicationsession; the communication terminal checking to determine whether atleast a portion of the sensitive data is to be outputted by determiningwhether the communication terminal is in one of a plurality ofpredefined communication configurations for outputting at least one ofaudio and video based on or defined by the sensitive data, thepredefined communication configurations comprising a first configurationfor outputting data and a second configuration for outputting data, thefirst configuration being an arrangement wherein the sensitive data isoutputable via at least one peripheral device connected to thecommunication terminal for outputting at least one of audio and videodefined by or based on the sensitive data to only a user of thecommunication terminal, the second configuration being an arrangementwherein the at least one of the audio and video based on or defined bythe sensitive data is outputted by the communication terminal such thatthat at least one of audio and video is at least one of viewable andaudible to a non-user near the communication terminal; if thecommunication terminal is in the first configuration, the communicationterminal transmitting the sensitive data so that at least one of thevideo and the audio is output to the user via the at least oneperipheral device; and if the communication terminal is in the secondconfiguration, the communication terminal performing at least onesecurity action, the at least one security action comprising at leastone of (a) transmitting a warning to the user that indicates thecommunication terminal is configured to output the sensitive data suchthat the non-user could hear or view at least one of the audio and thevideo and (b) withholding at least a portion of the sensitive data sothat the at least one of the video and the audio is not output to theuser via the communication terminal.
 2. The method of claim 1 whereinthe sensitive data is encrypted data comprised of both video data andaudio data and the communication terminal is a mobile communicationterminal and wherein the at least one peripheral device is comprised ofa video displaying device sized and configured to be worn on a head ofthe user and an audio outputting device that is to be worn adjacent toat least one ear of the user for outputting audio into the at least oneear.
 3. The method of claim 2 wherein the audio outputting device is atleast one earphone and wherein the video displaying device is comprisedof spectacles having at least one display for displaying the video. 4.The method of claim 1 wherein the communication terminal is a mobiletelephone, a cellular telephone, a laptop, a personal digital assistant,a tablet, or a mobile computer device and wherein the sensitive data isdetermined to be sensitive because at least one of: (a) the sensitivedata comprises an identifier indicating the sensitive data is to not beshared with unauthorized people and (b) the communication terminal has aparameter set that indicates that any audio data, video data or bothaudio data and video data received by the communication terminal is tobe considered sensitive data.
 5. The method of claim 1 wherein thecommunication terminal receives the sensitive data from thecommunication device after authorizing the communication device byexchanging security keys with the communication device and wherein thesensitive data is identified as being sensitive because the sensitivedata is encrypted.
 6. The method of claim 1 wherein the sensitive datacomprises both the video data and the audio data and wherein thepredefined communication configurations also comprise a thirdconfiguration wherein the video is displayable via the at least oneperipheral device and the audio is not outputable via one of the atleast one peripheral device, and wherein the first configuration isdefined so that both the video and the audio are outputable via the atleast one peripheral device; and the method further comprises: if thecommunication terminal determines that the communication terminal is inthe third configuration, the communication terminal transmitting thevideo data so that the video is output to the user via the at least oneperipheral device and also performing at least one security action, theat least one security action comprising at least one of (a) transmittinga warning to the user that indicates the communication terminal isconfigured to output the audio such that the non-user could hear theaudio and (b) withholding the audio data so that the audio is not outputto the user via the communication terminal.
 7. The method of claim 1wherein the sensitive data comprises both the video data and the audiodata and wherein the predefined communication configurations alsocomprise a third configuration wherein the audio is outputable via theat least one peripheral device and the video is not outputable via oneof the at least one peripheral device, and wherein the firstconfiguration is defined so that both the video and the audio areoutputable via the at least one peripheral device; and the methodfurther comprises: if the communication terminal determines that thecommunication terminal is in the third configuration, the communicationterminal transmitting the audio data so that the audio is output to theuser via the at least one peripheral device and also performing at leastone security action, the at least one security action comprising atleast one of (a) transmitting a warning to the user that indicates thecommunication terminal is configured to output the video such that thenon-user could view the video and (b) withholding the video data so thatthe video is not output to the user via the communication terminal. 8.The method of claim 1 wherein the video data is comprised of at leastone frame of prerecorded pictorial data wherein the method furthercomprises the communication terminal displaying a scrambled video basedon the video data and a predefined default video when the at least oneperipheral device is connected to the communication terminal anddisplays the video data.
 9. The method of claim 1 wherein thecommunication terminal performs the checking prior to the communicationsession being established and wherein if the communication terminal isin the second configuration the communication terminal withholds thesensitive data so that the sensitive data is not output to the user viathe communication terminal by refusing to establish the communicationsession.
 10. The method of claim 1 further comprising: aftertransmitting the warning the communication terminal detecting the atleast one peripheral device being connected to the communicationterminal; and the communication terminal transmitting the sensitive dataso that at least one of the video and the audio is output to the uservia the at least one peripheral device after detecting the connection ofthe at least one peripheral device.
 11. The method of claim 10 whereinthe warning informs the user that if at least one peripheral device isconnected to the communication terminal at least a portion of thesensitive data will be transmittable to the user via the communicationterminal.
 12. The method of claim 1 further comprising: thecommunication terminal sending a response message to the communicationdevice, the response message having an indicator identifying whether theat least one of the audio and video were output via the at least oneperipheral device.
 13. The method of claim 1 further comprising: Thecommunication terminal sending a response message to the communicationdevice, the response message having an indicator identifying whether theat least one of the audio and video are to be outputted via the at leastone peripheral device; and if the indicator identifies that at least oneof the audio and video is to be outputted by the communication terminalbut will not be outputted via the at least one peripheral device, thecommunication device sending a request message to the communicationterminal requesting that the at least one of the audio and video definedby the sensitive data not be outputted.
 14. The method of claim 13further comprising: the communication terminal receiving the requestmessage from the communication device and blocking output of the atleast one of the video and audio.
 15. The method of claim 14 wherein theat least one of the video and audio are blocked in response to thereceived request message from the communication device until thecommunication terminal is in the first configuration.
 16. Acommunication terminal comprising: at least one processor; at least onenon-transitory memory connected to the processor such that the processorruns applications stored in the memory; at least one receiver unit forreceiving data from a communication device during a communicationsession established with a communication device; at least one interfacefor connecting to at least one peripheral device; the communicationterminal receiving at least one of (i) an indicator that sensitive datais to be communicated to the communication terminal in a communicationsession that is to be established and (ii) the sensitive data via thecommunication session, the sensitive data comprising at least one ofaudio data and video data, the audio data defining audio and the videodata defining a video; the communication terminal checking to determinewhether at least one of the audio and the video is to be outputted bydetermining whether the communication terminal is in one of a pluralityof predefined communication configurations for outputting at least oneof the video and the audio, the predefined communication configurationscomprising a first configuration for outputting data and a secondconfiguration for outputting data, the first configuration being anarrangement wherein at least one of the video and the audio isoutputable via at least one peripheral device connected to thecommunication terminal for outputting tat least one of the audio and thevideo to only a user of the communication terminal, the secondconfiguration being an arrangement wherein at least one of the video andthe audio is outputted by the communication terminal such that thesensitive data is at least one of viewable and audible to a non-usernear the communication terminal; if the communication terminal is in thefirst configuration, the communication terminal transmitting thesensitive data so that at least one of the video and the audio is outputto the user via the at least one peripheral device; and if thecommunication terminal is in the second configuration, the communicationterminal performing at least one security action, the at least onesecurity action comprising at least one of (a) transmitting a warning tothe user that indicates the communication terminal is configured tooutput at least one of the audio and the video such that the non-usercould understand that output and (b) withholding at least a portion ofthe sensitive data so that the at least one of the video and the audiois not output to the user via the communication terminal.
 17. Thecommunication terminal of claim 16 wherein the communication terminal isa mobile communication terminal and wherein the at least one peripheraldevice is comprised of a video displaying device sized and configured tobe worn on a head of the user and an audio outputting device that is tobe worn adjacent to at least one ear of the user.
 18. The communicationterminal of claim 17 wherein the audio outputting device is at least oneearphone and wherein the video displaying device is comprised ofspectacles and wherein the sensitive data is encrypted.
 19. Thecommunication terminal of claim 16 wherein the communication terminal isa mobile telephone, a cellular telephone, a laptop, a personal digitalassistant, a tablet, or a mobile computer device and wherein thesensitive data is determined to be sensitive because at least one of:(a) the sensitive data comprises an identifier indicating the data is tonot be shared with unauthorized people and (b) the communicationterminal has a parameter set that indicates that any audio data, videodata or both audio data and video data is to be considered sensitivedata.
 20. The communication terminal of claim 16 wherein thecommunication terminal receives the sensitive data from thecommunication device after authorizing the communication device byexchanging security keys with the communication device.
 21. Thecommunication terminal of claim 16 wherein the sensitive data comprisesboth the video data and the audio data and wherein the predefinedcommunication configurations also comprise a third configuration whereinthe video is displayable via the at least one peripheral device and theaudio is not outputable via the at least one peripheral device, andwherein the first configuration is defined so that both the video andthe audio are outputable via the at least one peripheral device; and themethod further comprises: if the communication terminal determines thatthe communication terminal is in the third configuration, thecommunication terminal transmitting the video data so that the video isoutput to the user via the at least one peripheral device and alsoperforming at least one security action, the at least one securityaction comprising at least one of (a) transmitting a warning to the userthat indicates the communication terminal is configured to output theaudio such that the non-user could hear the audio and (b) withholdingthe audio data so that the audio is not output to the user via thecommunication terminal.
 22. The communication terminal of claim 16wherein the sensitive data comprises both the video data and the audiodata and wherein the predefined communication configurations alsocomprise a third configuration wherein the audio is outputable via theat least one peripheral device and the video is not outputable via theat least one peripheral device, and wherein the first configuration isdefined so that both the video and the audio are outputable via the atleast one peripheral device; and the method further comprises: if thecommunication terminal determines that the communication terminal is inthe third configuration, the communication terminal transmitting theaudio data so that the audio is output to the user via the at least oneperipheral device and also performing at least one security action, theat least one security action comprising at least one of (a) transmittinga warning to the user that indicates the communication terminal isconfigured to output the video such that the non-user could view thevideo and (b) withholding the video data so that the video is not outputto the user via the communication terminal.
 23. A non-transitorycomputer readable medium having code stored thereon that defines amethod that is implemented when the code is executed, the method definedby the code comprising: a communication terminal receiving at least oneof (i) an indicator that sensitive data is to be communicated to thecommunication terminal in a communication session that is to beestablished and (ii) the sensitive data via the communication session,the sensitive data comprising at least one of video data and audio data,the video data defining a video and the audio data defining audio; thecommunication terminal checking to determine whether at least a portionof the sensitive data is to be outputted by determining whether thecommunication terminal is in one of a plurality of predefinedcommunication configurations for outputting at least one of the videoand the audio, the predefined communication configurations comprising afirst configuration for outputting data and a second configuration foroutputting data, the first configuration being an arrangement wherein atleast one of the audio and the video is outputable via at least oneperipheral device connected to the communication terminal for outputtingat least one of the audio and the video to only a user of thecommunication terminal, the second configuration being an arrangementwherein at least one of the video and the audio is outputted by thecommunication terminal such that at least one of the video and the audiois at least one of viewable and audible to a non-user near thecommunication terminal; if the communication terminal is in the firstconfiguration, the communication terminal transmitting the sensitivedata so that at least one of the video and the audio is output to theuser via the at least one peripheral device; and if the communicationterminal is in the second configuration, the communication terminalperforming at least one security action, the at least one securityaction comprising at least one of (a) transmitting a warning to the userthat indicates the communication terminal is configured to output atleast one of the audio and the video such that the non-user could hearor view at least one of the audio and the video and (b) withholding thesensitive data so that the at least one of the video and the audio isnot output to the user via the communication terminal.
 24. The computerreadable medium of claim 23 wherein the sensitive data comprised boththe video data and the audio data and the communication terminal is amobile communication terminal and wherein the at least one peripheraldevice is comprised of at least one of a video displaying device sizedand configured to be worn on a head of the user and an audio outputtingdevice that is to be worn adjacent to at least one ear of the user andwherein the method further comprises: after transmitting the warning,the communication terminal detecting the at least one peripheral devicebeing connected to the communication terminal; and the communicationterminal transmitting the sensitive data so that at least one of thevideo and the audio is output to the user via the at least oneperipheral device after detecting the connection of the at least oneperipheral device.